[Owasp-sanantonio] Attend the April OWASP Austin Chapter Meeting Remotely!

David Hughes david.hughes at owasp.org
Mon Apr 29 12:49:48 UTC 2013


FYI


    OWASP Austin April Chapter Meeting - CSP to the Rescue - Neil
    Matatall, Twitter

*Please RSVP at the link below so we can plan for food. By doing this,
you will also be signed up for our monthly drawings!*

*When:* Tuesday, April 30th, from 11:30am - 1:00pm

*Where:* National Instruments, 11500 N. Mopac.Building C

*Topic:*CSP to the Rescue

Abstract: CSP to the rescue XSS is still very much an unsolved problem.
Browser quirks, contextual mismatches, and programmer error can be
attributed to 100% of stored/reflected XSS. It is a problem we have been
battling for almost 20 years. Even with input validation and output
encoding, how can we be certain that we will never execute unintended
Javascript? CSP. Implementing CSP to provably disable cross-site
scripting isn't trivial, but I propose that anyone can do it. During
this presentation we'll look at how the spec accomplishes its goal,
recommendations for implementing its application, lessons learned, and
tools that support the application of CSP.


*Speaker:* Neil Matatall, Twitter

Neil is a security engineer for Twitter. He focuses on integrating
security technologies into the software development stack at all levels.
He would prefer to grow a powerful neckbeard and code in the dark, but
sometimes life gets in the way. He has been involved with OWASP since
2008 and had lead the OWASP OC chapter and has contributed to many open
source projects.



Attend the Meeting remotely via GoToMeeting

https://www3.gotomeeting.com/register/182542726

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-sanantonio/attachments/20130429/336417b2/attachment.html>


More information about the Owasp-sanantonio mailing list